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WHAT IS CLAIMED IS: 

1. A person authentication system for executing person 
authentication by comparing a template with sampling 
information, the template being person authentication data, 
and the sampling information being input by a user, the 
person authentication system comprising: 

a person authentication authority issuing a person 
authentication certificate storing template information 
including the template; and 

a person authentication execution entity obtaining the 
template from the person authentication certificate issued 
by said person authentication authority and executing person 
authentication on the basis of the obtained template; 

wherein the person authentication certificate issued by 
said person authentication authority stores usage 
restriction information which includes at least either a 
certificate expiration date or a certificate usage number 
limit ; and 

said person authentication execution entity checks the 
validity of the person authentication certificate on the 
basis of the certificate expiration date or the certificate 
usage number limit when the person authentication is 
executed on the basis of the person authentication 
certificate . 
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2. A person authentication system according to Claim 1, 
wherein said person authentication execution entity checks 
the validity of the person authentication certificate on the 
basis of a certificate expiration date or a certificate 
usage number limit in person authentication processing on 
the basis of the person authentication certificate, and then 
executes the person authentication by comparing the template, 
stored in the person authentication certificate, with 
sampling information input by a user on the condition that 
the validity of the person authentication certificate has 
been confirmed on the basis of the certificate expiration 
date or the certificate usage number limit . 

3. A person authentication system according to Claim 1, 
wherein said person authentication execution entity has a 
person authentication executing device, and the person 
authentication executing device executes the following 
processing when usage restriction information of a 
certificate usage number limit is stored in a person 
authentication certificate: 

storing a set usage count in a memory of the person 
authentication executing device; 

updating usage count data stored in the memory every 
time the person authentication certificate is used; 
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determining whether the usage count data is within the 
limits of the set usage count of the person authentication 
certificate; and 

executing person authentication by comparing user input 
sampling information with a template stored in the person 
authentication certificate if the usage count data is within 
the certificate usage number limit. 

4. A person authentication system according to Claim 1, 
wherein a person identification certificate issued by said 
person identification certificate authority stores a 
template expiration date which is information on an 
expiration date of the template stored in the person 
identification certificate; and 

said person authentication execution entity checks the 
validity of the template on the basis of the template 
expiration date in person authentication processing on the 
basis of the person authentication certificate. 

5. A person authentication system according to Claim 1, 
wherein said person authentication execution entity checks 
the validity of a template on the basis of a template 
expiration date in person authentication processing on the 
basis of the person authentication certificate, and then 
executes the person authentication by comparing the template. 
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stored in the person authentication certificate, with 
sampling information input by a user on the condition that 
the validity of the template expiration date has been 
confirmed. 

6. A person authentication system according to Claim 1, 
wherein said person authentication execution entity 
functions as an information processing apparatus, and the 
information processing apparatus checks the validity of the 
template expiration date or the expiration date of a person 
authentication certificate which is set in the certificate 
stored in the information processing apparatus and then 
outputs a request for issuing the person authentication 
certificate to said person identification certificate 
authority which issues the person authentication certificate 
when the validity can not be confirmed; 

said person identification certificate authority makes 
the person authentication certificate in which a new 
expiration date is set and then issues the person 
identification certificate to the information processing 
apparatus ; and 

the information processing apparatus has storage means 
and stores the person identification certificate, which is 
issued by said person identification certificate authority, 
in the storage means. 
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7. A person authentication system according to Claim 1, 
wherein said person identification certificate authority 
checks the validity of a template expiration date or an 
expiration date of an issued person identification 
certificate, and then gives notice to an entity received the 
person identification certificate of which a expiration date 
is approaching. 

8. A person authentication system according to Claim 1, 
wherein said person identification certificate authority 
receives a request for updating an issued person 
authentication certificate from an entity received the 
person identification certificate, makes a person 
authentication certificate in which a updated expiration 
date or a updated certificate usage number limit is set 
according to the request, and then issues the person 
authentication certificate. 

9. A person authentication system according to Claim 1, 
wherein said person identification certificate authority 
receives a request for updating the template, stored in a 
person identification certificate which has been issued, 
from an authenticated user of a person identification 
certificate; and 
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said person identification certificate authority 
nullifies the person identification certificate according to 
the request and then makes a person identification 
certificate on the basis of a updated template. 

10 . A person authentication system according to Claim 1 , 
wherein said person identification certificate authority 
receives data of a request for setting a template expiration 
date from an authenticated user of a person identification 
certificate, and then makes a person identification 
certificate in which a template expiration date is set on 
the basis of the data of the request for setting a template 
expiration date. 

11. A person authentication system according to Claim 1, 
wherein said person identification certificate authority and 
said person authentication executing entity execute mutual 
authentication, when data communication is performed 
therebetween, a data transmitter puts a digital signature on 
transmitted data, and a data receiver verifies the digital 
signature . 

12. A person authentication system according to Claim 1, 
wherein the template is personal biotic information such as 
fingerprint information, retina pattern information, iris 
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pattern information, voice print information, and 
handwriting information; 

personal nonbiotic information such as seal information, 
passport information, driver's license information, and card 
information ; 

any combination of the personal biotic information and 
the personal nonbiotic information; or 

a combination of the above information and a password. 

13. A person authentication system according to Claim 1, 
wherein said person identification certificate authority 
puts a digital signature on a person authentication 
certificate issued by said person identification certificate 
authority. 

14. A person authentication method for executing person 
authentication by comparing a template with sampling 
information, the template being person authentication data, 
and the sampling information being input by a user, the 
person authentication method comprising: 

causing a person authentication authority to issue a 
person authentication certificate storing template 
information including the template; 

causing a person authentication execution entity to 
obtain the template from the person authentication 
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certificate issued by the person authentication authority 
and to execute person authentication on the basis of the 
obtained template; 

storing usage restriction information, which includes 
at least either a certificate expiration date or a 
certificate usage number limit, in the person authentication 
certificate issued by the person authentication authority ; 
and 

causing the person authentication execution entity to 
check the validity of the person authentication certificate 
on the basis of the certificate expiration date or 
certificate usage number limit in person authentication 
processing on the basis of the person authentication 
certificate. 

15. A person authentication method according to Claim 
14, wherein a person authentication execution entity checks 
the validity of the person authentication certificate on the 
basis of a certificate expiration date or a certificate 
usage number limit in person authentication processing on 
the basis of the person authentication certificate, and then 
executes the person authentication by comparing the template, 
stored in the person authentication certificate, with 
sampling information input by a user on the condition that 
the validity of the person authentication certificate has 
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been confirmed on the basis of the certificate expiration 
date or the certificate usage number limit. 

16. A person authentication method according to Claim 
14, wherein a person authentication execution entity has a 
person authentication executing device, and the person 
authentication executing device executes the following 
processing when usage restriction information of a 
certificate usage number limit is stored in a person 
authentication certificate: 

storing a set usage count in a memory of the person 
authentication executing device; 

updating usage count data stored in the memory every 
time the person authentication certificate is used; 

determining whether the usage count data is within the 
limits of the set usage count of the person authentication 
certificate; and 

executing person authentication by comparing sampling 
information, input by a user, with a template stored in the 
person authentication certificate if the usage count data is 
within the limits. 

17 . A person authentication method according to Claim 
14, wherein the person identification certificate authority 
stores a template expiration date, which is information on 
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an expiration date of a template stored in a person 
identification certificate made by the person identification 
certificate authority; and 

a person authentication execution entity checks the 
validity of the template on the basis of a template 
expiration date in person authentication processing on the 
basis of the person authentication certificate. 

18. A person authentication method according to Claim 
17, wherein the person authentication execution entity 
checks the validity of a template on the basis of a template 
expiration date in person authentication processing on the 
basis of a person authentication certificate, and then 
executes the person authentication by comparing the template, 
stored in the person authentication certificate, with 
sampling information input by a user on the condition that 
the validity of the template expiration date has been 
confirmed. 

19. A person authentication method according to Claim 
14, wherein said person authentication execution entity 
functions as an information processing apparatus; 

the information processing apparatus checks the 
validity of a template expiration date or a expiration date 
of a person authentication certificate which is set in the 
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person authentication certificate stored in the apparatus, 
and then outputs a request for issuing the person 
authentication certificate to a person identification 
certificate authority which issues the person authentication 
certificate when the validity can not be confirmed; 

the person identification certificate authority makes 
the person authentication certificate in which a new 
expiration date is set and then issues the person 
identification certificate to the information processing 
apparatus ; and 

the information processing apparatus has storage means 
and stores the person identification certificate, which is 
issued by the person identification certificate authority, 
in the storage means. 

20. A person authentication method according to Claim 
14, wherein the person identification certificate authority 
checks the validity of a template expiration date or an 
expiration date of an issued person identification 
certificate, and then gives notice to an entity received the 
person identification certificate of which a expiration date 
is approaching. 

21. A person authentication method according to Claim 
14, wherein the person identification certificate authority 
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receives a request for updating an issued person 
authentication certificate from an entity received the 
person identification certificate, then issues a person 
authentication certificate in which a updated expiration 
date or a updated certificate usage number limit is set 
according to the request, and issues a certificate usage 
number limit . 

22. A person authentication method according to Claim 
14, wherein the person identification certificate authority 
receives a request for updating a template, stored in a 
person identification certificate which has been issued, 
from an authenticated user of a person identification 
certificate; and 

the person identification certificate authority 
nullifies the person identification certificate according to 
the request and then makes a person identification 
certificate on the basis of a updated template. 

23. A person authentication method according to Claim 
14, wherein the person identification certificate authority 
receives data of a request for setting a template expiration 
date from an authenticated user of a person identification 
certificate, and then makes the person identification 
certificate in which a template expiration date is set on 
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the basis of the data of the request for setting a template 
expiration date. 

24. A person authentication method according to Claim 
14, wherein the person identification certificate authority 
and the person authentication executing entity executes 
mutual authentication, when data communication is performed 
therebetween, a data transmitter puts a digital signature or 
transmitted data, and a data receiver verifies the digital 
signature . 

25. An information processing apparatus for executing 
person authentication by comparing a template with sampling 
information, the template being person authentication data, 
and the sampling information being input by a user, the 
information processing apparatus comprising: 

a section for storing the template to execute person 
authentication on the basis of a person authentication 
certificate issued by a person authentication certificate 
authority which is a third party; and 

a section for checking the validity of the person 
authentication certificate on the basis of a certificate 
expiration date or certificate usage number limit in person 
authentication processing on the basis of the person 
authentication certificate, and then executes the person 
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authentication by comparing the template, stored in the 
person authentication certificate, with the sampling 
information input by a user on the condition that the 
validity of the person authentication certificate has been 
confirmed on the basis of the certificate expiration date or 
certificate usage number limit. 

26. An information processing apparatus for executing 
person authentication by comparing a template with sampling 
information, the template being person authentication data, 
and the sampling information being input by a user, the 
information processing apparatus comprising: 

a section for storing the template to execute person 
authentication on the basis of a person authentication 
certificate issued by a person authentication certificate 
authority which is a third party; 

a section for executing the following processing when 
usage restriction information of valid certificate usage 
number is stored in a person authentication certificate: 
storing a set usage count in a memory of the device; 
updating usage count data stored in the memory every time 
the person authentication certificate is used; determining 
whether the usage count data is within the limits of the set 
usage count of the person authentication certificate; and 

executing person authentication by comparing user input 
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sampling information with a template stored in the person 
authentication certificate if the usage count data is within 
the limits . 

27. An information processing apparatus for executing 
person authentication by comparing a template with sampling 
information, the template being person authentication data, 
and the sampling information being input by a user, the 
information processing apparatus comprising: 

a section for storing the template to execute person 
authentication on the basis of a person authentication 
certificate issued by a person authentication certificate 
authority which is a third party; and 

a section for checking the validity of the template on 
the basis of the template expiration date in person 
authentication processing on the basis of the person 
authentication certificate, and then executes the person 
authentication by comparing the template, stored in the 
person authentication certificate, with sampling information 
input by a user on the condition that validity of the 
template expiration date has been confirmed. 

28. A program providing medium for proving a computer 
program which executes person authentication on the computer 
program by comparing a template with sampling information. 
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the template being person authentication data, and the 
sampling information being input by a user, 
the computer program comprising: 

a step of confirming whether usage restriction 
information, which includes either a certificate expiration 
date, a certificate usage number limit, or a template 
expiration date, is stored in a person authentication 
certificate issued by a person authentication certificate 
authority; 

a step of checking the validity of the person 
authentication certificate on the basis of the certificate 
expiration date, the certificate usage number limit, or the 
template expiration date in person authentication processing 
on the basis of the person authentication certificate; and 

a step of executing the person authentication by 
comparing the template, stored in the person authentication 
certificate, with sampling information input by a user on 
the condition that the validity of the person authentication 
certificate has been confirmed on the basis of the 
certificate expiration date, certificate usage number limit, 
or the template expiration date. 



